Facebook Pixel
Microsoft Certification Training
Search classes by keyword:
Search classes by category:
Microsoft Certification and Microsoft Training, Cisco Certification and MCSE Certification
CompTIA PenTest+ space



CompTIA PenTest+ Certification Training Course

CompTIA PenTest+ (PT0-001)

Course Number: #CED-1636
Course Length: 5 days
Number of Exams: 1
Certifications: CompTIA PenTest+

Grants (discounts) are available for multiple students for the same or different courses.

Guaranteed to Run Guaranteed to Run


Upcoming Dates Class Times Class Format Quote
2/22 - 2/26, 2021 10:00 AM - 6:00 PM ET
9:00 AM - 5:00 PM CT
7:00 AM - 3:00 PM PT
4:00 AM - 12:00 PM HT
Instructor-Led Quote
3/22 - 3/26, 2021 10:00 AM - 6:00 PM ET
9:00 AM - 5:00 PM CT
7:00 AM - 3:00 PM PT
4:00 AM - 12:00 PM HT
Instructor-Led Quote
5/10 - 5/14, 2021 10:00 AM - 6:00 PM ET
9:00 AM - 5:00 PM CT
7:00 AM - 3:00 PM PT
4:00 AM - 12:00 PM HT
Instructor-Led Quote
6/21 - 6/25, 2021 10:00 AM - 6:00 PM ET
9:00 AM - 5:00 PM CT
7:00 AM - 3:00 PM PT
4:00 AM - 12:00 PM HT
Instructor-Led Quote
 Guaranteed to Run Self-Paced Online Self-Study Quote

Online Self-Study courses allow you to study around your busy schedule, remain working as you train, work at your own pace. Certification is guaranteed.


Instructor-Led

  • Hands-on instruction by a certified instructor
  • Includes all course materials
  • On-site Testing
  • Lunch & Snacks provided each day
  • Practice Exam
  • Certification Exam

Online Self-Study

  • Training Videos
  • Course Materials
  • Practice Exam
  • Certification Exam

Can't travel or you want to stay with your family or business. No problem! Stay in your own city and save the additional expenses of roundtrip airfare, lodging, transportation, and meals and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.

Remote Classroom Training

Our Remote Classroom Training is a live class with students observing the instructor and listening through your computer speakers. You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.

CompTIA PenTest+ (PT0-001) is for cybersecurity professionals tasked with penetration testing and vulnerability management.

CompTIA PenTest+ meets the ISO 17024 standard. Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

What Skills Will You Learn?

  • Planning & Scoping
    Explain the importance of planning and key aspects of compliance-based assessments
  • Information Gathering & Vulnerability Identification
    Gather information to prepare for exploitation then perform a vulnerability scan and analyze results.
  • Attacks & Exploits
    Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques
  • Penetration Testing Tools
    Conduct information gathering exercises with various tools and analyze output and basic scripts (limited to: Bash, Python, Ruby, PowerShell)
  • Reporting & Communication
    Utilize report writing and handling best practices explaining recommended mitigation strategies for discovered vulnerabilities

Jobs that use CompTIA PenTest+

  • Penetration Tester
  • Vulnerability Tester
  • Security Analyst (II)
  • Vulnerability Assessment Analyst
  • Network Security Operations
  • Application Security Vulnerability

Exam: PT0-001

The CompTIA PenTest+ certification verifies that successful candidates have the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results.

Course Content

1.0 Planning and Scoping
Explain the importance of planning for an engagement.
  • Understanding the target audience
  • Rules of engagement
  • Communication escalation path
  • Resources and requirements Budget
  • Impact analysis and remediation timelines
  • Disclaimers
  • Technical constraints
  • Support resources
Explain key legal concepts
  • Contracts
  • Environmental differences
  • Written authorization
Explain the importance of scoping an engagement properly.
  • Types of assessment
  • Special scoping considerations
  • Target selection
  • Strategy
  • Risk acceptance
  • Tolerance to impact
  • Scheduling
  • Scope creep
  • Threat actors
Explain the key aspects of compliance-based assessments.
  • Compliance-based assessments, limitations and caveats
  • Clearly defined objectives based on regulations
2.0 Information Gathering and Vulnerability Identification
Given a scenario, conduct information gathering using appropriate techniques.
  • Scanning
  • Enumeration
  • Packet crafting
  • Packet inspection
  • Fingerprinting
  • Cryptography
  • Eavesdropping
  • Decompilation
  • Debugging
  • Open Source Intelligence Gathering
Given a scenario, analyze vulnerability scan results.
  • Credentialed vs. non-credentialed
  • Types of scans
  • Container security
  • Application scan
  • Considerations of vulnerability scanning
Given a scenario, analyze vulnerability scan results.
  • Asset categorization
  • Adjudication
  • Prioritization of vulnerabilities
  • Common themes
Explain the process of leveraging information to prepare for exploitation.
  • Map vulnerabilities to potential exploits
  • Prioritize activities in preparation for penetration test
  • Describe common techniques to complete attack
Explain weaknesses related to specialized systems.
  • ICS
  • SCADA
  • Mobile
  • IoT
  • Embedded
  • Point-of-sale system
  • Biometrics
  • Application containers
  • RTOS
3.0 Attacks and Exploits
Compare and contrast social engineering attacks.
  • Phishing
  • Elicitation
  • Interrogation
  • Impersonation
  • Shoulder surfing
  • USB key drop
  • Motivation techniques
Given a scenario, exploit network-based vulnerabilities.
  • Name resolution exploits
  • SMB exploits
  • SNMP exploits
  • SMTP exploits
  • FTP exploits
  • DNS cache poisoning
  • Pass the hash
  • On-path attack (previously known as man-in-the-middle attack)
  • DoS/stress test
  • NAC bypass
  • VLAN hopping
Given a scenario, exploit wireless and RF-based vulnerabilities.
  • Evil twin
  • Deauthentication attacks
  • Fragmentation attacks
  • Credential harvesting
  • WPS implementation weakness
  • Bluejacking
  • Bluesnarfing
  • RFID cloning
  • Jamming
  • Repeating
Given a scenario, exploit application-based vulnerabilities.
  • Injections
  • Authentication
  • Authorization
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF/XSRF)
  • Clickjacking
  • Security misconfiguration
  • File inclusion
  • Unsecure code practices
Given a scenario, exploit local host vulnerabilities.
  • OS vulnerabilities
  • Unsecure service and protocol configurations
  • Privilege escalation
  • Default account settings
  • Sandbox escape
  • Physical device security
Summarize physical security attacks related to facilities.
  • Piggybacking/tailgating
  • Fence jumping
  • Dumpster diving
  • Lock picking
  • Lock bypass
  • Egress sensor
  • Badge cloning
Given a scenario, perform post-exploitation techniques.
  • Lateral movement
  • Persistence
  • Covering your tracks
4.0 Penetration Testing Tools
Given a scenario, use Nmap to conduct information gathering exercises.
  • SYN scan (-sS) vs. full connect scan (-sT)
  • Port selection (-p)
  • Service identification (-sV)
  • OS fingerprinting (-O)
  • Disabling ping (-Pn)
  • Target input file (-iL)
  • Timing (-T)
  • Output parameters
Compare and contrast various use cases of tools.
  • Use cases
  • Tools
Given a scenario, analyze tool output or data related to a penetration test.
  • Password cracking
  • Pass the hash
  • Setting up a bind shell
  • Getting a reverse shell
  • Proxying a connection
  • Uploading a web shell
  • Injections
Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell).
  • Logic
  • I/O
  • Substitutions
  • Variables
  • Common operations
  • Error handling
  • Arrays
  • Encoding/decoding
5.0 Reporting and Communication
Given a scenario, use report writing and handling best practices.
  • Normalization of data
  • Written report of findings and remediation
  • Risk appetite
  • Storage time for report
  • Secure handling and disposition of reports
Explain post-report delivery activities.
  • Post-engagement cleanup
  • Client acceptance
  • Lessons learned
  • Follow-up actions/retest
  • Attestation of findings
Given a scenario, recommend mitigation strategies for discovered vulnerabilities.
  • Solutions
  • Findings
  • Remediation
Explain the importance of communication during the penetration testing process.
  • Communication path
  • Communication triggers
  • Reasons for communication
  • Goal reprioritization

CED Solutions is your best choice for CompTIA PenTest+, CompTIA PenTest+ training, CompTIA PenTest+ certification, CompTIA PenTest+ boot camp, CompTIA PenTest+ certification training, CompTIA PenTest+ certification course, CompTIA PenTest+ course, CompTIA PenTest+ class.



CompTIA PenTest+ space
Search classes by keyword:
Search classes by category:


Copyright © 2020 CED Solutions. CED Solutions Refund Policy. All Rights Reserved.